<?php
 global $SSO, $Security, $AppID, $User, $DB;

 //Check to see if there is a valid session 
$SessionInfo = $SSO->isValidSession("index.php?action=login", $SSO->getSessionInformation());	
	
//Check to see if the user has rights to be on LivingWeb
$PageRights = array('ADMIN');
$UserRoles = $Security->ValidateUser($SessionInfo['username'], $AppID, $PageRights, 1);

 if($_POST['btnSave'] == 'Remove') {
	$DB->query("delete from signups where username = '".$_POST['txtUsername']."' and event_id = ".$_POST['txtEventId']);
	if(substr($_POST['txtUsername'],0,4) == "AUTO") {
		$DB->query("delete from users where username = '".$_POST['txtUsername']."'");
	}
	
	 // TODO: Add functionality to notify the user with an email if they were not autogenerated 
	 
 }
 else if($_POST['btnSave'] == 'Add') {
 	 $userFields['fullname'] = $_POST['txtFullName'];
 	 $userFields['email'] = $_POST['txtEmail'];
 	
	 $username = $User->createGeneratedUser($userFields);
	
	 $value_array = 			array (
			'username'			=>  $username,
			'event_id'			=> 	$_POST['txtEventId'],
			'signup_datetime'	=> 	$_POST['txtSlotDateTime'],
			'email_user'        =>  trim($_POST['txtEmail'])==""?0:1  
	 );
	
	$db_string = $DB->compile_db_insert_string($value_array);
	$DB->query("INSERT INTO signups (".$db_string['FIELD_NAMES'].") VALUES (".$db_string['FIELD_VALUES'].")");	 	
 }
 else {
 	null;
 }

header("Location: index.php?action=editSignUpsByEvent&eventId=".$_POST['txtEventId']."&slotDate=".substr($_POST['txtSlotDateTime'],0,10));
?>